Google Git
Sign in
chromium / chromium / src / f9fbe22a90c39cb811e94976923ebff0bc7f939f / . / chrome / common / extensions / permissions / chrome_api_permissions.cc
blob: 624b9343cdbf467ee75342a8255d86dbf9374a45 [file] [log] [blame]
// Copyright (c) 2013 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#include "chrome/common/extensions/permissions/chrome_api_permissions.h"
#include <stddef.h>
#include "base/macros.h"
#include "base/memory/ptr_util.h"
#include "extensions/common/permissions/api_permission.h"
#include "extensions/common/permissions/api_permission_set.h"
#include "extensions/common/permissions/media_galleries_permission.h"
#include "extensions/common/permissions/permissions_info.h"
#include "extensions/common/permissions/settings_override_permission.h"
namespace extensions {
namespace {
template <typename T>
APIPermission* CreateAPIPermission(const APIPermissionInfo* permission) {
return new T(permission);
}
} // namespace
std::vector<std::unique_ptr<APIPermissionInfo>>
ChromeAPIPermissions::GetAllPermissions() const {
// WARNING: If you are modifying a permission message in this list, be sure to
// add the corresponding permission message rule to
// ChromePermissionMessageProvider::GetPermissionMessages as well.
APIPermissionInfo::InitInfo permissions_to_register[] = {
// Register permissions for all extension types.
{APIPermission::kBackground, "background"},
{APIPermission::kDeclarativeContent, "declarativeContent"},
{APIPermission::kDesktopCapture, "desktopCapture"},
{APIPermission::kDesktopCapturePrivate, "desktopCapturePrivate"},
{APIPermission::kDownloads, "downloads"},
{APIPermission::kDownloadsOpen, "downloads.open"},
{APIPermission::kDownloadsShelf, "downloads.shelf"},
{APIPermission::kEasyUnlockPrivate, "easyUnlockPrivate"},
{APIPermission::kIdentity, "identity"},
{APIPermission::kIdentityEmail, "identity.email"},
{APIPermission::kExperimental, "experimental",
APIPermissionInfo::kFlagCannotBeOptional},
{APIPermission::kEmbeddedExtensionOptions, "embeddedExtensionOptions",
APIPermissionInfo::kFlagCannotBeOptional},
{APIPermission::kGeolocation, "geolocation",
APIPermissionInfo::kFlagCannotBeOptional},
{APIPermission::kNotifications, "notifications"},
{APIPermission::kGcdPrivate, "gcdPrivate"},
{APIPermission::kGcm, "gcm"},
// Register extension permissions.
{APIPermission::kAccessibilityFeaturesModify,
"accessibilityFeatures.modify"},
{APIPermission::kAccessibilityFeaturesRead, "accessibilityFeatures.read"},
{APIPermission::kAccessibilityPrivate, "accessibilityPrivate",
APIPermissionInfo::kFlagCannotBeOptional},
{APIPermission::kActiveTab, "activeTab"},
{APIPermission::kBookmark, "bookmarks"},
{APIPermission::kBrailleDisplayPrivate, "brailleDisplayPrivate",
APIPermissionInfo::kFlagCannotBeOptional},
{APIPermission::kBrowsingData, "browsingData"},
{APIPermission::kCertificateProvider, "certificateProvider"},
{APIPermission::kContentSettings, "contentSettings"},
{APIPermission::kContextMenus, "contextMenus"},
{APIPermission::kCookie, "cookies"},
{APIPermission::kCryptotokenPrivate, "cryptotokenPrivate"},
{APIPermission::kDataReductionProxy, "dataReductionProxy",
APIPermissionInfo::kFlagImpliesFullURLAccess |
APIPermissionInfo::kFlagCannotBeOptional},
{APIPermission::kEnterpriseDeviceAttributes,
"enterprise.deviceAttributes"},
{APIPermission::kEnterprisePlatformKeys, "enterprise.platformKeys"},
{APIPermission::kFileBrowserHandler, "fileBrowserHandler",
APIPermissionInfo::kFlagCannotBeOptional},
{APIPermission::kFontSettings, "fontSettings",
APIPermissionInfo::kFlagCannotBeOptional},
{APIPermission::kHistory, "history"},
{APIPermission::kIdltest, "idltest"},
{APIPermission::kInput, "input"},
{APIPermission::kManagement, "management"},
{APIPermission::kMDns, "mdns", APIPermissionInfo::kFlagCannotBeOptional},
{APIPermission::kNativeMessaging, "nativeMessaging"},
{APIPermission::kPlatformKeys, "platformKeys"},
{APIPermission::kPrivacy, "privacy"},
{APIPermission::kProcesses, "processes"},
{APIPermission::kSessions, "sessions"},
{APIPermission::kSignedInDevices, "signedInDevices"},
{APIPermission::kSyncFileSystem, "syncFileSystem"},
{APIPermission::kTab, "tabs"},
{APIPermission::kTopSites, "topSites"},
{APIPermission::kTts, "tts", APIPermissionInfo::kFlagCannotBeOptional},
{APIPermission::kTtsEngine, "ttsEngine",
APIPermissionInfo::kFlagCannotBeOptional},
{APIPermission::kWallpaper, "wallpaper",
APIPermissionInfo::kFlagCannotBeOptional},
{APIPermission::kWebNavigation, "webNavigation"},
// Register private permissions.
{APIPermission::kScreenlockPrivate, "screenlockPrivate",
APIPermissionInfo::kFlagCannotBeOptional},
{APIPermission::kActivityLogPrivate, "activityLogPrivate",
APIPermissionInfo::kFlagCannotBeOptional},
{APIPermission::kAutoTestPrivate, "autotestPrivate",
APIPermissionInfo::kFlagCannotBeOptional},
{APIPermission::kBookmarkManagerPrivate, "bookmarkManagerPrivate",
APIPermissionInfo::kFlagCannotBeOptional},
{APIPermission::kCast, "cast", APIPermissionInfo::kFlagCannotBeOptional},
{APIPermission::kChromeosInfoPrivate, "chromeosInfoPrivate",
APIPermissionInfo::kFlagCannotBeOptional},
{APIPermission::kCommandsAccessibility, "commands.accessibility",
APIPermissionInfo::kFlagCannotBeOptional},
{APIPermission::kCommandLinePrivate, "commandLinePrivate",
APIPermissionInfo::kFlagCannotBeOptional},
{APIPermission::kDeveloperPrivate, "developerPrivate",
APIPermissionInfo::kFlagCannotBeOptional},
{APIPermission::kDial, "dial", APIPermissionInfo::kFlagCannotBeOptional},
{APIPermission::kDownloadsInternal, "downloadsInternal"},
{APIPermission::kExperienceSamplingPrivate, "experienceSamplingPrivate",
APIPermissionInfo::kFlagCannotBeOptional},
{APIPermission::kFileBrowserHandlerInternal, "fileBrowserHandlerInternal",
APIPermissionInfo::kFlagCannotBeOptional},
{APIPermission::kFileManagerPrivate, "fileManagerPrivate",
APIPermissionInfo::kFlagCannotBeOptional},
{APIPermission::kHotwordPrivate, "hotwordPrivate",
APIPermissionInfo::kFlagCannotBeOptional},
{APIPermission::kIdentityPrivate, "identityPrivate",
APIPermissionInfo::kFlagCannotBeOptional},
{APIPermission::kLogPrivate, "logPrivate",
APIPermissionInfo::kFlagCannotBeOptional},
{APIPermission::kWebcamPrivate, "webcamPrivate"},
{APIPermission::kMediaPlayerPrivate, "mediaPlayerPrivate",
APIPermissionInfo::kFlagCannotBeOptional},
{APIPermission::kMediaRouterPrivate, "mediaRouterPrivate",
APIPermissionInfo::kFlagCannotBeOptional},
{APIPermission::kMusicManagerPrivate, "musicManagerPrivate",
APIPermissionInfo::kFlagCannotBeOptional},
{APIPermission::kPreferencesPrivate, "preferencesPrivate",
APIPermissionInfo::kFlagCannotBeOptional},
{APIPermission::kSystemPrivate, "systemPrivate",
APIPermissionInfo::kFlagCannotBeOptional},
{APIPermission::kCloudPrintPrivate, "cloudPrintPrivate",
APIPermissionInfo::kFlagCannotBeOptional},
{APIPermission::kInputMethodPrivate, "inputMethodPrivate",
APIPermissionInfo::kFlagCannotBeOptional},
{APIPermission::kEchoPrivate, "echoPrivate",
APIPermissionInfo::kFlagCannotBeOptional},
{APIPermission::kFeedbackPrivate, "feedbackPrivate",
APIPermissionInfo::kFlagCannotBeOptional},
{APIPermission::kImageWriterPrivate, "imageWriterPrivate",
APIPermissionInfo::kFlagCannotBeOptional},
{APIPermission::kRtcPrivate, "rtcPrivate",
APIPermissionInfo::kFlagCannotBeOptional},
{APIPermission::kTerminalPrivate, "terminalPrivate",
APIPermissionInfo::kFlagCannotBeOptional},
{APIPermission::kVirtualKeyboardPrivate, "virtualKeyboardPrivate",
APIPermissionInfo::kFlagCannotBeOptional},
{APIPermission::kWallpaperPrivate, "wallpaperPrivate",
APIPermissionInfo::kFlagCannotBeOptional},
{APIPermission::kWebstorePrivate, "webstorePrivate",
APIPermissionInfo::kFlagCannotBeOptional},
{APIPermission::kStreamsPrivate, "streamsPrivate",
APIPermissionInfo::kFlagCannotBeOptional},
{APIPermission::kEnterprisePlatformKeysPrivate,
"enterprise.platformKeysPrivate",
APIPermissionInfo::kFlagCannotBeOptional},
{APIPermission::kWebrtcAudioPrivate, "webrtcAudioPrivate",
APIPermissionInfo::kFlagCannotBeOptional},
{APIPermission::kWebrtcDesktopCapturePrivate,
"webrtcDesktopCapturePrivate", APIPermissionInfo::kFlagCannotBeOptional},
{APIPermission::kWebrtcLoggingPrivate, "webrtcLoggingPrivate",
APIPermissionInfo::kFlagCannotBeOptional},
{APIPermission::kFirstRunPrivate, "firstRunPrivate",
APIPermissionInfo::kFlagCannotBeOptional},
{APIPermission::kInlineInstallPrivate, "inlineInstallPrivate"},
{APIPermission::kSettingsPrivate, "settingsPrivate",
APIPermissionInfo::kFlagCannotBeOptional},
{APIPermission::kAutofillPrivate, "autofillPrivate",
APIPermissionInfo::kFlagCannotBeOptional},
{APIPermission::kWebstoreWidgetPrivate, "webstoreWidgetPrivate",
APIPermissionInfo::kFlagCannotBeOptional},
{APIPermission::kPasswordsPrivate, "passwordsPrivate",
APIPermissionInfo::kFlagCannotBeOptional},
{APIPermission::kUsersPrivate, "usersPrivate",
APIPermissionInfo::kFlagCannotBeOptional},
{APIPermission::kLanguageSettingsPrivate, "languageSettingsPrivate",
APIPermissionInfo::kFlagCannotBeOptional},
{APIPermission::kResourcesPrivate, "resourcesPrivate",
APIPermissionInfo::kFlagCannotBeOptional},
// Full url access permissions.
{APIPermission::kDebugger, "debugger",
APIPermissionInfo::kFlagImpliesFullURLAccess |
APIPermissionInfo::kFlagCannotBeOptional},
{APIPermission::kDevtools, "devtools",
APIPermissionInfo::kFlagImpliesFullURLAccess |
APIPermissionInfo::kFlagCannotBeOptional |
APIPermissionInfo::kFlagInternal},
{APIPermission::kPageCapture, "pageCapture",
APIPermissionInfo::kFlagImpliesFullURLAccess},
{APIPermission::kTabCapture, "tabCapture",
APIPermissionInfo::kFlagImpliesFullURLAccess},
{APIPermission::kTabCaptureForTab, "tabCaptureForTab",
APIPermissionInfo::kFlagInternal},
{APIPermission::kPlugin, "plugin",
APIPermissionInfo::kFlagImpliesFullURLAccess |
APIPermissionInfo::kFlagImpliesFullAccess |
APIPermissionInfo::kFlagCannotBeOptional |
APIPermissionInfo::kFlagInternal},
{APIPermission::kProxy, "proxy",
APIPermissionInfo::kFlagImpliesFullURLAccess |
APIPermissionInfo::kFlagCannotBeOptional},
// Platform-app permissions.
// The permission string for "fileSystem" is only shown when
// "write" or "directory" is present. Read-only access is only
// granted after the user has been shown a file or directory
// chooser dialog and selected a file or directory. Selecting
// the file or directory is considered consent to read it.
{APIPermission::kFileSystem, "fileSystem"},
{APIPermission::kFileSystemDirectory, "fileSystem.directory"},
{APIPermission::kFileSystemProvider, "fileSystemProvider"},
{APIPermission::kFileSystemRequestFileSystem,
"fileSystem.requestFileSystem"},
{APIPermission::kFileSystemRetainEntries, "fileSystem.retainEntries"},
{APIPermission::kFileSystemWrite, "fileSystem.write"},
{APIPermission::kMediaGalleries, "mediaGalleries",
APIPermissionInfo::kFlagNone,
&CreateAPIPermission<MediaGalleriesPermission>},
{APIPermission::kPointerLock, "pointerLock"},
{APIPermission::kCastStreaming, "cast.streaming"},
{APIPermission::kBrowser, "browser"},
{APIPermission::kLauncherSearchProvider, "launcherSearchProvider"},
// Settings override permissions.
{APIPermission::kHomepage, "homepage",
APIPermissionInfo::kFlagCannotBeOptional |
APIPermissionInfo::kFlagInternal,
&CreateAPIPermission<SettingsOverrideAPIPermission>},
{APIPermission::kSearchProvider, "searchProvider",
APIPermissionInfo::kFlagCannotBeOptional |
APIPermissionInfo::kFlagInternal,
&CreateAPIPermission<SettingsOverrideAPIPermission>},
{APIPermission::kStartupPages, "startupPages",
APIPermissionInfo::kFlagCannotBeOptional |
APIPermissionInfo::kFlagInternal,
&CreateAPIPermission<SettingsOverrideAPIPermission>},
};
std::vector<std::unique_ptr<APIPermissionInfo>> permissions;
for (size_t i = 0; i < arraysize(permissions_to_register); ++i)
permissions.push_back(
base::WrapUnique(new APIPermissionInfo(permissions_to_register[i])));
return permissions;
}
} // namespace extensions